Trojan.JS.Seeker
Description Trojan.JS.Seeker
This script written in JavaScript language quietly changes a browser's home page and search page without user confirmation.
The script uses an MS Internet Explorer 5.0 Typelib security vulnerability to create an HTA file in the Windows start-up directory. This file automatically runs upon the next Windows start-up, at which point the script gains control.
The script in the HTA file modifies the system registy keys where the home and search page addresses are specified (before modifying the keys, the script stores their values into BACKUP1.REG and BACKUP2.REG files in the Windows directory). After this, the script deletes the HTA file (and itself).
Check other viruses! Be aware! Use Antiviral Software
Cracky.596
Description Cracky.596
This is a memory resident parasitic virus. It writes the TSR part into the DOS data area, hooks INT 21h and infects by a standard manner the COM files upon their execution. It contains the mask string "*.com". On April, 1st it erases the disk C: FAT sectors, it also contains the text "Milena".
Crash.543
Description Crash.543
This is a not memory resident benign virus which searches for COM files and infects them by a standard manner. On Friday, 13th it types:
That could be a crash, crash, crash !
|